CWE:
 

Topic
Date
Author
Med.
Joomla Spinner 360 1.3.0 SQL Injection
28.02.2017
Ihsan Sencan
Med.
WordPress Kama Click Counter 3.4.9 SQL Injection
28.02.2017
Manuel GarcAa CA!rdena...
Med.
Joomla com_remository Component 'id' Parameter Sql Injection Vulnerability
27.02.2017
IrIsT.Ir
Med.
Joomla com_k2 Component 'id' Parameter Sql Injection Vulnerability
27.02.2017
IrIsT.Ir
Med.
Joomla com_onlinejudge Component - 'Itemid' Parameter Sql Injection Vulnerability
27.02.2017
IrIsT.Ir
Med.
Joomla com_fsf Component 'catid' Parameter Sql Injection Vulnerability
27.02.2017
IrIsT.Ir
Med.
Joomla GPS Tools 4.0.1 SQL Injection
25.02.2017
Ihsan Sencan
Med.
Joomla AJAX Search For K2 2.2 SQL Injection
25.02.2017
Ihsan Sencan
Med.
Joomla Community Surveys 4.3 SQL Injection
25.02.2017
Ihsan Sencan
Med.
Joomla Community Quiz 4.3.5 SQL Injection
25.02.2017
Ihsan Sencan
Med.
Joomla JO Facebook Gallery 4.5 SQL Injection
25.02.2017
Ihsan Sencan
Med.
Joomla Community Polls 4.5.0 SQL Injection
25.02.2017
Ihsan Sencan
Med.
Joomla JooDatabase 3.1.0 SQL Injection
25.02.2017
Ihsan Sencan
Med.
Joomla Intranet Attendance Track 2.6.5 SQL Injection
25.02.2017
Ihsan Sencan
Med.
Travel Portal Script 9.37 Cross Site Scripting / SQL Injection
24.02.2017
Marc Castejon
Med.
MBLS Flex CMS 0.7.2 SQL Injection / Cross Site Scripting
24.02.2017
Bilal KARDADOU
Med.
WordPress Mail Masta 1.0 SQL Injection
24.02.2017
Hanley Shun
Med.
Joomla BookLibrary 3.6.1 SQL Injection
24.02.2017
Ihsan Sencan
Med.
Joomla Eventix Events Calendar 1.0 SQL Injection
24.02.2017
Ihsan Sencan
Med.
Joomla J-BusinessDirectory 4.6.8 SQL Injection
24.02.2017
Ihsan Sencan
Med.
Joomla AppointmentBookingPro 4.0.1 SQL Injection
24.02.2017
Ihsan Sencan
Med.
Joomla J-CruiseReservation Standard 3.0 SQL Injection
24.02.2017
Ihsan Sencan
Med.
Joomla VehicleManager 3.9 SQL Injection
24.02.2017
Ihsan Sencan
Med.
Joomla RealEstateManager 3.9 SQL Injection
24.02.2017
Ihsan Sencan
Med.
Joomla MultiTier 3.1 SQL Injection
24.02.2017
Ihsan Sencan
Med.
Joomla MediaLibrary Basic 3.5 SQL Injection
24.02.2017
Ihsan Sencan
Med.
Joomla UserExtranet 1.3.1 SQL Injection
24.02.2017
Ihsan Sencan
Med.
Joomla Component com_digistore 'cid' Parameter Sql Injection Vulnerability
22.02.2017
IrIsT.Ir
Med.
Joomla Component com_redshop 'Pid' Parameter Sql Injection Vulnerability
22.02.2017
IrIsT.Ir
Med.
DejabĂș's Scripts SQL Injection
21.02.2017
fl3xpl0it
Med.
Joomla Anief 1.5 SQL Injection
21.02.2017
Amir
Med.
Joomla DJCatalog2 1.5 SQL Injection
21.02.2017
Amir
Med.
Joomla Component Com_rsgallery2 'gid' Parameter Sql Injection Vulnerability
20.02.2017
IrIsT.Ir
Med.
Joomla Component com_djcatalog2 'cid' Parameter Sql Injection Vulnerability
19.02.2017
IrIsT.Ir
Med.
Joomla Component com_dcrc 'pid' Parameter Sql Injection Vulnerability
18.02.2017
IrIsT.Ir
Med.
Joomla Component com_topics 'id' Parameter Sql Injection Vulnerability
18.02.2017
IrIsT.Ir
Med.
Joomla Component com_docman 'gid' Parameter Sql Injection Vulnerability
18.02.2017
IrIsT.Ir
Med.
dotCMS 3.6.1 Blind Boolean SQL Injection
18.02.2017
Ben Nott
Med.
activeshow mod module Sql Injection
16.02.2017
Ashiyane Digital Secur...
Med.
Joomla Music Collection 3.0.3 SQL Injection
15.02.2017
Persian Hack Team
Med.
Itech B2B 4.2.9 Cross Site Scripting / SQL Injection
15.02.2017
Marc Castejon
Med.
Joomla Component GameServer! 3.4 - SQL Injection
14.02.2017
Persian Hack Team
Med.
Joomla Component Fastball 3.2.8 - SQL Injection
14.02.2017
Persian Hack Team
Med.
Quadz School Management System 3.1 SQL Injection
14.02.2017
Ihsan Sencan
Med.
WhizBiz Business Directory CMS 1.9 SQL Injection
14.02.2017
Ihsan Sencan
Med.
PHP Marketplace Script SQL Injection
14.02.2017
Yunus YILDIRIM
Med.
Joomla JE Awd Song 1.8 SQL Injection
14.02.2017
Ihsan Sencan
Med.
Joomla Hbooking 1.9.9 SQL Injection
14.02.2017
Ihsan Sencan
Med.
Joomla JE Auto 1.5 SQL Injection
14.02.2017
Ihsan Sencan
Med.
Joomla JE Auction 1.6 SQL Injection
14.02.2017
Ihsan Sencan
Med.
Joomla JE Tour 2.0 SQL Injection
14.02.2017
Ihsan Sencan
Med.
Joomla JE Video Rate 1.0 SQL Injection
14.02.2017
Ihsan Sencan
Med.
Joomla JE Classify Ads 1.2 SQL Injection
14.02.2017
Ihsan Sencan
Med.
Joomla JE Quiz 2.3 SQL Injection
14.02.2017
Ihsan Sencan
Med.
Joomla JE Directory Ads 1.7 SQL Injection
14.02.2017
Ihsan Sencan
Med.
Joomla JE K2 Multiple Form Story 1.3 SQL Injection
14.02.2017
Ihsan Sencan
Med.
Joomla JE Form Creator 1.8 SQL Injection
14.02.2017
Ihsan Sencan
Med.
Joomla JE Ticket System 1.2 SQL Injection
14.02.2017
Ihsan Sencan
Med.
Joomla JE Grid Folio SQL Injection
14.02.2017
Ihsan Sencan
Med.
Joomla JE Portfolio Creator 1.2 SQL Injection
14.02.2017
Ihsan Sencan
Med.
Joomla JE Property Finder 1.6.3 SQL Injection
14.02.2017
Ihsan Sencan
Med.
Joomla JE Gallery 1.3 SQL Injection
14.02.2017
Ihsan Sencan
Med.
Joomla JE Messanger SQL Injection
14.02.2017
Ihsan Sencan
Med.
Joomla JE QuoteForm SQL Injection
14.02.2017
Ihsan Sencan
Med.
Joomla Component Soccer Bet 4.1.5 - SQL Injection
13.02.2017
Persian Hack Team
Med.
Joomla Component Vik Booking 1.7 - SQL Injection
13.02.2017
Persian Hack Team
Med.
Joomla Component Sponsor Wall 7.0 - SQL Injection
13.02.2017
Persian Hack Team
Med.
Joomla Component onisMusic 2 - SQL Injection
13.02.2017
Persian Hack Team
Med.
Joomla Component onisQuotes 2.5 - SQL Injection
13.02.2017
Persian Hack Team
Med.
Joomla Component onisPetitions 2.5 - SQL Injection
13.02.2017
Persian Hack Team
Med.
Youtube Analytics Multi Channel 3.0 SQL Injection
10.02.2017
Ihsan Sencan
Med.
Creative Management System CMS Lite 1.3.1 SQL Injection
10.02.2017
Ihsan Sencan
Med.
Gram Post Instagram Auto Post Multi Accounts With Paypal Integration 1.0 SQL Injection
10.02.2017
Ihsan Sencan
Med.
Takas Classified Cogeigniter PHP Classified Ad Script 1.1 SQL Injection
10.02.2017
Ihsan Sencan
Med.
Tiger Post Facebook Auto Post Multi Pages/Groups/Profiles 3.0.1 SQL Injection
10.02.2017
Ihsan Sencan
Med.
Zigaform PHP Form Builder Contact And Survey 2.9.1 SQL Injection
10.02.2017
Ihsan Sencan
Med.
Bloglar + Blog SQL Injection
10.02.2017
Germen
Med.
MajidZ SQL Injection
10.02.2017
Dmitriy From Area 51
Med.
Turkish Haber SQL Injection
09.02.2017
Alperen Keskin
Med.
Sendroid 5.2 SQL Injection
09.02.2017
Ihsan Sencan
Med.
Mobiketa Complete Mobile Marketing 3.5 SQL Injection
09.02.2017
Ihsan Sencan
Med.
SOA School Management SQL Injection
09.02.2017
Ihsan Sencan
Med.
Examplo Online Exam System SQL Injection
09.02.2017
Ihsan Sencan
Med.
Fome SMS Portal 2.0 SQL Injection
09.02.2017
Ihsan Sencan
Med.
Muviko Video CMS SQL Injection
09.02.2017
Ihsan Sencan
Med.
Multi Outlets POS 3.1 SQL Injection
09.02.2017
Ihsan Sencan
Med.
Easy Support Tools 1.0 SQL Injection
09.02.2017
Ihsan Sencan
Med.
Visual Link Sharing Websites Builder Script 2.1.0 SQL Injection
09.02.2017
Ihsan Sencan
Med.
ThisIsWhyImBroke Clone Script 4.0 SQL Injection
09.02.2017
Ihsan Sencan
Med.
Upworthy Clone Script 1.1.0 SQL Injection
09.02.2017
Ihsan Sencan
Med.
Fully Featured News CMS 1.0 SQL Injection
09.02.2017
Ihsan Sencan
Med.
Ultimate Viral Media Script 1.0 SQL Injection
09.02.2017
Ihsan Sencan
High
MySQL File Uploader 1.0 SQL Injection
09.02.2017
Ihsan Sencan
Med.
Easy Web Search 3 SQL Injection
09.02.2017
Ihsan Sencan
Med.
Clone Script Directory Script 1.1.0 SQL Injection
09.02.2017
Ihsan Sencan
Med.
Funny Image And Video Script 2.0.0 SQL Injection
09.02.2017
Ihsan Sencan
Med.
Viral Pictures And Video Script 2.0.0 SQL Injection
09.02.2017
Ihsan Sencan
Med.
Viral Fun Facts Sharing Script 1.1.0 SQL Injection
09.02.2017
Ihsan Sencan
Med.
Web Inspiration Gallery Script 1.0.0 SQL Injection
09.02.2017
Ihsan Sencan
Med.
BT Options SQL Injection Vulnerabilites
08.02.2017
Ashiyane Digital Secur...


CVEMAP Search Results

CVE
Details
Description
2015-02-20
Medium
CVE-2015-1517

Vendor: Piwigo
Software: Piwigo
 

 
SQL injection vulnerability in Piwigo before 2.7.4, when all filters are activated, allows remote authenticated users to execute arbitrary SQL commands via the filter_level parameter in a "Refresh photo set" action in the batch_manager page to admin.php.

 
2015-02-17
Medium
CVE-2015-1616

Vendor: Mcafee
Software: Data loss pr...
 

 
SQL injection vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated ePO users to execute arbitrary SQL commands via unspecified vectors.

 
2015-02-16
Medium
CVE-2015-1434

Vendor: Mylittleforum
Software: My little forum
 

 
Multiple SQL injection vulnerabilities in my little forum before 2.3.4 allow remote administrators to execute arbitrary SQL commands via the (1) letter parameter in a user action or (2) edit_category parameter to index.php.

 
2015-02-12
Medium
CVE-2015-1471

Vendor: Pragyan cms project
Software: Pragyan cms
 

 
SQL injection vulnerability in userprofile.lib.php in Pragyan CMS 3.0 allows remote attackers to execute arbitrary SQL commands via the user parameter to the default URI.

 
2015-02-11
Medium
CVE-2015-1576

Vendor: YUBA
Software: U5cms
 

 
Multiple SQL injection vulnerabilities in u5CMS before 3.9.4 allow remote attackers to execute arbitrary SQL commands via the name parameter to (1) copy2.php, (2) localize.php, (3) metai.php, (4) nc.php, (5) new2.php, or (6) rename2.php in u5admin/; (7) c parameter to u5admin/editor.php; (8) typ parameter to u5admin/meta2.php; or (9) newname parameter to u5admin/rename2.php.

 
2015-02-06
Medium
CVE-2015-1442

Vendor: AAS9
Software: Zerocms
 

 
SQL injection vulnerability in views/zero_transact_user.php in the administrative backend in ZeroCMS 1.3.3, 1.3.2, and earlier allows remote authenticated users to execute arbitrary SQL commands via the user_id parameter in a Modify Account action. NOTE: The article_id parameter to zero_view_article.php vector is already covered by CVE-2014-4034.

 
Medium
CVE-2015-1467

Vendor: Fork-cms
Software: Fork cms
 

 
Multiple SQL injection vulnerabilities in Translations in Fork CMS before 3.8.6 allow remote authenticated users to execute arbitrary SQL commands via the (1) language[] or (2) type[] parameter to private/en/locale/index.

 
Medium
CVE-2015-1513

Vendor: Siphon
Software: Siphone ente...
 

 
SQL injection vulnerability in SIPhone Enterprise PBX allows remote attackers to execute arbitrary SQL commands via the Username.

 
Medium
CVE-2015-1514

Vendor: Fancyfon
Software: Famoc
 

 
Multiple SQL injection vulnerabilities in FancyFon FAMOC before 3.17.4 allow (1) remote attackers to execute arbitrary SQL commands via the device ID REST parameter (PATH_INFO) to /ajax.php or (2) remote authenticated users to execute arbitrary SQL commands via the order parameter to index.php.

 
2015-02-04
Medium
CVE-2014-7864

Vendor: Zohocorp
Software: Manageengine...
 

 
Multiple SQL injection vulnerabilities in the FailOverHelperServlet (aka FailServlet) servlet in ZOHO ManageEngine OpManager 8 through 11.5 build 11400 and IT360 10.5 and earlier allow remote attackers and remote authenticated users to execute arbitrary SQL commands via the (1) customerName or (2) serverRole parameter in a standbyUpdateInCentral operation to servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet.

 

 


Copyright 2017, cxsecurity.com